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DETAILED ACTION 
Status of Claims 

This communication is in response to remarks and amendment filed on December 19, 
2005. Claims 1-21, 23, 24, 26-68 apd 70-76 remain pending. 

Response to Arguments 

Applicant's arguments filed on 12/19/2005 have been fully considered but they are not 
persuasive. 

Applicant argues that the references alone and/or in combination fail to teach an element 
of the independent claims (p. 13). Specifically, applicant contends that Mark fails to teach "a 
number authentication system that provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location." Id. Applicant 
mischaracterizes the Mark reference but stating that it merely "teaches methods of preventing 
touch tone information from being stolen" and as such differentiates it from the claimed subject 
matter. Id. at 13-14. The examiner respectfully disagrees. 

Applicant's disclosure provides that "the authenticating server 20 may include a system 
for identifying the first number from which the user has dialed, to prevent a user from attempting 
to circumvent the system 10, e.g., by activating a dialer at the user location 12 from a location 
other than the user location 12, [sic] Such a first number identifying system may comprise, by 
way of example only, Dialed Number Identification Services (DNIS) (specification pp. 9-10)." 
Applicant further states that upon comparing the originating call with the database of authorize 
locations for enabling verification, the client is prompted for a security challenge, i.e., a pin. Id. 
at 10. Mark teaches that the switching centers trace and determine the identity of the auto dialer 
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being used to place the call from the received data (column 45). Mark further provides for 
multiple additional security features to authenticate access to the user as detailed in columns 49- 
52 and 56-58. The response to the challenge entered by client is perhaps a pin, password, birth 
date entered into the keypad of a phone, as provided by the specification. 

Claim Rejections - 35 USC § 103 
The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

Claims 1-21, 23, 24, 26-68 and 70-76 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Goertzel et al. (hereinafter Goertzel, US 6,308,273 Bl) in view of Mark 
(US 5,732,133). 

1 . Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising (column 1, line 5 5 -column 2, line 13): 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (figure 4, 68 remote access server); 

• an authenticator for authenticating the location of the user responsive to receipt of a 
processed request from the access server, the authenticator adapted to be connected to the 
access server (figure 4, 71 location detection mechanism); 
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• means for interconnecting the access server and the authenticator (column 5, figure 5A-B, 
528 lookup number in database; column 7, line 55-column 8, line 4). 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location. 

Mark, however, teaches a communication system and method wherein the an auto-dialer 
suitable for use as a smartcard is capable of transmitting and receiving information over 
communication lines (e.g., database, auto-dialer and phone line) wherein programming and 
features of the auto-dialer can be individually enabled or disabled in response to pre-selected 
signals (column 5, lines 52-60). Furthermore, Mark teaches various encoding and security 
techniques to increase security when placing a call and/or confidential data while preventing 
unauthorized access and prevention of an auto-dialer utilizing a signal detector mechanism 
(columns 11-12). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the signal detection mechanism of Mark, in order to circumvent unauthorized 
access to secure systems and provide verification of identity and location information to 
accommodate wireless portable small devices and comply with state regulations involving access 
and use of data and remoter services (column 5, lines 10-51). 

Goertzel further discloses : 
2. The system of claim 1, wherein the authenticator comprises an authenticating server 
(figure 14 and associated text). 
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3. The system of claim 1, wherein the authenticator includes means for determining the 
identity of the user (column 8, lines 5-13). 

4. The system of claim 1 , further comprising means for insuring the user's presence at the 
location (column 10, lines 38-52)). 

5. 44. The system of claim 1, further comprising means for enabling the user to request remote 
access to the application server (figure 1 and associated text, 49 remote computer). 

6. The system of claim 1, wherein the interconnecting means comprise a network (figure 1 
and associated text). 

7,45. The system of claim 2, wherein the authenticating server includes a database of 
authorized locations, for enabling verification of the location of the user as an authorized user 
location (figure 4, database or registered numbers 74) 

8. The system of claim 2, wherein the authenticating server comprises a Remote Access 
Dial-In User Service (RADIUS) server (figure 5B). 

9, 36. The system of claim 3, wherein the user identity determining means comprise a challenge 
and response system (column 16, lines 35-47; figure 13). 
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10,42,57. The system of claim 4, wherein the user presence insuring means 

comprise a card for identifying the user, and a reader for reading the user identifying card, 

adapted to be connected to the user .access request enabling means at the user location (column 3- 

4). 



1 1 . The system of claim 5, wherein the user request enabling means comprise an interface 
station (figure 1 and associated text, API 36, monitor 47). 

12. The system of claim 5, wherein the user request enabling means comprise a client 
(column 4, lines 5-49). 

1 3. The system of claim 5, wherein the user request enabling means include a location 
identifier (column 4, lines 50-column 6, line 50). 



14, 37. The system of claim 5, wherein the authenticating means are adapted to issue a security 
challenge to the user request enabling means, and the user request enabling means are further 
adapted to interrogate the security challenge, to generate a response, and to transmit the response 
to the authenticator (column 16-17). 
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15. 46. The system of claim 5, wherein the user request enabling means include an identifier 
associated with the user's location, and the authenticator comprises means for authenticating the 
identifier associated with the user's location (column 4, lines 50-column 6, line 50). 

16. The system of claim 5, wherein the user request enabling means include a dialer, located 
at the user's location, and wherein the dialer includes a number associated therewith (Figure 5B) 

17. 47. The system of claim 5, wherein the user request enabling means comprise a plurality of 
user request enabling means, and the interconnecting means comprise a network comprising an 
intranet which includes at least one local area network, adapted to interconnect at least one of the 
plurality of user request enabling means and the access server (figures 1, 2, and associated text). 

18. The system of claim 5, wherein the interconnecting means are further adapted to 
interconnect the user request enabling means (figure 1, 2 and associated text). 

19. The system of claim 6, wherein the network comprises an intranet (figure 2 and 
associated text). 

20. The system of claim 6, wherein the network comprises the Internet (figure 2 and 
associated text). 
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21 , 38. The system of claim 8, further comprising means for enabling the user to request remote 
access to the application server, wherein the authenticating server is further adapted to issue a 
security challenge to the user request enabling means (see above cited corresponding sections). 

23, 31. The system of claim 16, wherein the authenticator comprises a number identifier for 
identifying the number associated with the dialer located at the user's location (see above cited 
corresponding sections). 

24, 32. The system of claim 16, wherein a dialing system includes a plurality of numbers each 
associated with one of a plurality of dialers adapted to enable dialing therefrom and each dialer 
associated with a different user location, and the authenticator further comprises means for 
identifying the first number dialed from in the dialing system (column 1). 

26, 39. The system of claim 21, wherein the user request enabling means are adapted to issue a 
response to the security challenge, and the authenticating means include a database for enabling 
verification of the response of the user request enabling means to the security challenge (see 
above cited corresponding sections). 

27, 33. The system of claim 23, wherein the number identifier comprises Automatic Number 
Identification (column 7, lines 55-59). 
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28, 34. The system of claim 24, wherein the first number identifying means comprises Dialed 
Number Identification Services (Figure 5B). 

29, 40. The system of claim 26, wherein the authenticator is further adapted to verify the 
response of the user request enabling means to the security challenge based on the database in 
the authenticator, and to authorize access to the application server (see above cited corresponding 
sections). 

30, 35. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticator for authenticating the location of the user responsive to lOreceipt of the 
processed request from the access server, the authenticator adapted to be connected to the 
access server, the authenticator including a Remote Access Dial-In Service (RADIUS) 
server (see above cited corresponding sections); 

• means for interconnecting the access server and the authenticator (see above cited 
corresponding sections); and 
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• means for enabling the user to request remote access to the application server, such 
means including a dialer, located at the user's location, wherein the dialer includes a 
dialing number associated therewith; and (see above cited corresponding sections) 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location. 

Mark, however, teaches a communication system and method wherein the an auto-dialer 
suitable for use as a smartcard is capable of transmitting and receiving information over 
communication lines (e.g., database, auto-dialer and phone line) wherein programming and 
features of the auto-dialer can be individually enabled or disabled in response to pre-selected 
signals (column 5, lines 52-60). Furthermore, Mark teaches various encoding and security 
techniques to increase security when placing a call and/or confidential data while preventing 
unauthorized access and prevention of an auto-dialer utilizing a signal detector mechanism 
(columns 11-12). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the signal detection mechanism of Mark, in order to circumvent unauthorized 
access to secure systems and provide verification of identity and location information to 
accommodate wireless portable small devices and comply with state regulations involving access 
and use of data and remoter services (column 5, lines 10-51). 
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41 . Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receivihg and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticator for authenticating the location of the user responsive to receipt of the 
processed request from the access server (see above cited corresponding sections); 

• means for interconnecting the access server and the authenticator (see above cited 
corresponding sections); and 

• means for insuring user's presence at the location (see above cited corresponding 
sections). - . 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location. 

Mark, however, teaches a communication system and method wherein the an auto-dialer 
suitable for use as a smartcard is capable of transmitting and receiving information over 
communication lines (e.g., database, auto-dialer and phone line) wherein programming and 
features of the auto-dialer can be individually enabled or disabled in response to pre-selected 
signals (column 5, lines 52-60). Furthermore, Mark teaches various encoding and security 
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techniques to increase security when placing a call and/or confidential data while preventing 
unauthorized access and prevention of an auto-dialer utilizing a signal detector mechanism 
(columns 11-12). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the signal detection mechanism of Mark, in order to circumvent unauthorized 
access to secure systems and provide verification of identity and location information to 
accommodate wireless portable small devices and comply with state regulations involving access 
and use of data and remoter services (column 5, lines 10-51). 

43. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticating server for authenticating the location of the user responsive to receipt of 
the processed request from the access server (see above cited corresponding sections); 
and 
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• a network for interconnecting the access server and the authenticating server (see above 
cited corresponding sections) 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location. 

Mark, however, teaches a communication system and method wherein the an auto-dialer 
suitable for use as a smartcard is capable of transmitting and receiving information over 
communication lines (e.g., database, auto-dialer and phone line) wherein programming and 
features of the auto-dialer can be individually enabled or disabled in response to pre-selected 
signals (column 5, lines 52-60). Furthermore, Mark teaches various encoding and security 
techniques to increase security when placing a call and/or confidential data while preventing 
unauthorized access and prevention of an auto-dialer utilizing a signal detector mechanism 
(columns 11-12). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the signal detection mechanism of Mark, in order to circumvent unauthorized 
access to secure systems and provide verification of identity and location information to 
accommodate wireless portable small devices and comply with state regulations involving access 
and use of data and remoter services (column 5, lines 10-51). 

48. Goertzel discloses a method of enabling remote access to an application server, upon 
authentication of a location from which a user has sought access thereto as an authorized 
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location, for enabling processing of a transaction requiring user location authentication, wherein 
the user location includes means for enabling the user to request remote access to the application 
server, in a system which comprises an access server, for receiving and processing a request for 
access to the application server from user request enabling means, adapted to be located remote 
from the user's location, an authenticator for authenticating the location of the user responsive to 
receipt of the processed request from the access server, adapted to be connected to the access 
server, and means for interconnecting the access server and the authenticator, wherein the 
method comprises: 

• requesting an access server to enable a user tat a user's location to access the application 
server (see above cited corresponding sections) 

• authenticating the location of the user in the authenticator (see above cited corresponding 
sections); and 

• determining in the authenticator whether to enable the user to access the application 
server based on the authenticating of the user's location (see above cited corresponding 
sections); and 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location. 

Mark, however, teaches a communication system and method wherein the an auto-dialer 
suitable for use as a smartcard is capable of transmitting and receiving information over 
communication lines (e.g., database, auto-dialer and phone line) wherein programming and 
features of the auto-dialer can be individually enabled or disabled in response to pre-selected 
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signals (column 5, lines 52-60). Furthermore, Mark teaches various encoding and security 
techniques to increase security when placing a call and/or confidential data while preventing 
unauthorized access and prevention of an auto-dialer utilizing a signal detector mechanism 
(columns 11-12). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the signal detection mechanism of Mark, in order to circumvent unauthorized 
access to secure systems and provide verification of identity and location information to 
accommodate wireless portable small devices and comply with state regulations involving access 
and use of data and remoter services (column 5, lines 10-51). 

Claims 22, 25 and 69 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Goertzel et al. (hereinafter Goertzel), U.S. Patent 6,508,710 Bl. 

Goertzel discloses a system/method for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising (column 1, line 55-column 2, line 13): 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (figure 4,-68 remote access server); 
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• an authenticator for authenticating the location of the user responsive to receipt of a 
processed request from the access server, the authenticator adapted to be connected to the 
access server (figure 4, 71 location detection mechanism); 

• means for interconnecting the access server and the authenticator (column 5, figure 5A-B, 
528 lookup number in database; column 7, line 55-column 8, line 4). 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that prevents 
activation of a dialer from a location other than the user location. Furthermore, as per claims 22, 
25 and 69, Goertzel fails to explicitly disclose that the user location identifier comprises a 
cookie. 

Mark, however, teaches a communication system and method wherein the an auto-dialer 
suitable for use as a smartcard is capable of transmitting and receiving information over 
communication lines (e.g., database, auto-dialer and phone line) wherein programming and 
features of the auto-dialer can be individually enabled or disabled in response to pre-selected 
signals (column 5, lines 52-60). Furthermore, Mark teaches various encoding and security 
techniques to increase security when placing a call and/or confidential data while preventing 
unauthorized access and prevention of an auto-dialer utilizing a signal detector mechanism 
(columns 11-12). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention 
to modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the signal detection mechanism of Mark, in order to circumvent unauthorized 
access to secure systems and provide verification of identity and location information to 



Application/Control Number: 10/033,716 Page 17 

Art Unit: 3621 

accommodate wireless portable small devices and comply with state regulations involving access 
and use of data and remoter services (column 5, lines 10-51). 

A cookie is a block of data that a server returns to a client in response to a request from 
the client and commonly used to identify a user and is thus old and well known in the computer 
art. It would have been obvious to one of ordinary skill in the art at the time of the invention to 
implement a cookie as part of the authentication process to efficiently verify the location 
information of a returning user for enabling access. 

US references 6,715,080; 6,606,708; 6,51 1,339 further support the examiner's contention 
that the use of a cookie for the above noted purpose is well-known in the art. 

Corresponding claims 49-76 are directed to a method of the above claimed invention and 
are therefore rejected as above. 

Although the Examiner has pointed out particular references contained in the prior art(s) of 

record in the body of this action, the specified citations are merely representative of the 

teachings in the art as applied to the specific limitations within the individual claim. Since 

other passages and figures may apply to the claimed invention as well it is respectfully 

requested that the applicant, in preparing the response, to consider fully the entire references 

as potentially teaching all or part of the claimed invention, as well as the context of the 

» 

passage as taught by the prior arts or disclosed by the examiner. 
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Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure: 

■ US 2002/0041666 Al to Mastro et al. 

■ US 6,167,130 to Rosen. 

■ US 6,935,952 B2 to Walker et al. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bradley B. Bayat whose telephone number is 571-272-6704. The 
examiner can normally be reached on Tuesday - Friday 8 a.m.-6:30 p.m. and by email: 
bradley.bayat@uspto.gov. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached regarding urgent matters at 571-272-6712. 
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Information regarding the status of an application may be obtained from the Patent 

Application Information Retrieval (PAIR) system. Status information for published applications 

may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

applications is available through Private PAIR only. For more information about the PAIR 

system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Any response to this action should be mailed to : 

Commissioner of Patents and Trademarks 
Washington, D.C. 20231 

Or faxed to : 

(571) 273-8300 - Official communications; including After Final responses. 
(571) 273-6704 - Informal/Draft communications to the examiner. 




